-
Committer:
Bazaar Package Importer
-
Author(s):
Marc Deslauriers
-
Date:
2009-04-22 09:16:27 UTC
-
Revision ID:
james.westby@ubuntu.com-20090422091627-41pt6l51d3aisjmd
Tags: 2.3.9-4ubuntu0.1
* SECURITY UPDATE: possible code execution via multiple integer overflows
- debian/patches-freetype/security-CVE-2009-0946.patch: validate sid
values in src/cff/cffload.c, check state->prefix in src/lzw/ftzopen.c,
don't overflow int with table + length or ndp + numMappings * 4 in
src/sfnt/ttcmap.c, validate glyph width and height in
src/smooth/ftsmooth.c.
- CVE-2009-0946